Dispatches from the front
The Evil-Doing Internet
Recent evidence points to rapidly rising rates of criminal gang activity on the Internet. Like indefatigable terrorists (which some of them are), they’re bleeding the system and moving closer to catastrophic coups.
A week ago, about one million MySpace users caught spyware infections merely by browsing a page on the site that contained a banner ad for DeckOutYourDeck.com. The ad secretly installed a Trojan horse that reported user data to a Russian-language server based in Turkey. Users who had updated their machines with a January Windows security patch at least got a Microsoft notice asking for authorization to install the virus’ executable program. Too bad only half of MySpace’s users had installed the patch.
According to the Messaging Anti-Abuse Working Group, 80% of all e-mail is now spam. Microsoft and AOL together intercept almost 5 billion bogus e-mails daily (!), with the flood accounting for 90% of MSN Hotmail traffic. Due to the increased effectiveness of blocking tactics, however, only about 5% of the total makes it to users’ desktops. So while the problem isn’t particularly visible, it nonetheless severely taxes backbone bandwidth and translates into the requirement to dedicate four servers for every five that process e-mail.
Worse, the spam has mutated into much nastier stuff. “The vicious content in the e-mail stream right now is beyond belief,” says Neil Schwartzman, chairman of the Coalition Against Unsolicited Commercial Email. He anticipates that terrorists will eventually use millions of PCs converted into zombies by spam to launch distributed denial of service campaigns that are coordinated with real-world attacks and that target critical servers like those used by first responders or hospitals.
SecureWorks, an Internet security firm with 1,200 clients, reports that its clients’ databases are now being attacked 8,000 times per day, up from about 150 per day in the first quarter of 2006. The attacks -- mostly originating from Russia, China, Brazil, Hungary, and Korea -- focus on websites that allow users to enter sensitive data. But instead of entering data like Social Security or credit card numbers, the hackers feed code into the website’s data fields, thereby allowing them to take over and manipulate the entire database.
An infamous example of this sort of “SQL injection” attack was the one launched against CardSystems Solutions. (See our prior article on the subject.) The result was millions of dollars in purchases made with counterfeit cards and the exposure of about 40 million legitimate credit-card numbers.
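Why text typed into a data field can end up running as part of the database query, and how a site closes that hole, is shown in the added example below (it is not code from this article or from any company it mentions). The table, the function names and the sample input are all constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for a site's customer database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice", "4111-0000-0000-0001"),
         ("bob", "4111-0000-0000-0002"),
         ("carol", "4111-0000-0000-0003")],
    )
    return db

def lookup_concatenated(db, name):
    # Weak form: the field's text is pasted into the SQL statement, so the
    # database parses whatever the user typed as part of the query itself.
    query = "SELECT name, card FROM customers WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, name):
    # Hardened form: the statement text is fixed and the field's text is
    # bound as a value, so it is only ever compared against the name column.
    query = "SELECT name, card FROM customers WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

# Constructed field input that closes the quote and adds an always-true clause.
FIELD_INPUT = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for label, fn in (("concatenated", lookup_concatenated),
                      ("parameterized", lookup_parameterized)):
        print(label, "normal input ->", len(fn(db, "alice")), "row(s)")
        print(label, "crafted input ->", len(fn(db, FIELD_INPUT)), "row(s)")
```

With the concatenated query the crafted input returns every customer row; with the parameterized query it matches no one, because no customer has that literal name.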
We don’t pretend to know what the solutions are to this runaway Internet cancer. But we sure would like to see more evidence that the American government and private industry understand the stakes and are dedicating the massive resources necessary to protect us.